From f951614fc2245ff6f6d4544e395f0087284540c9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cl=C3=A9ment=20Sirieix?= <clem.sirieix@gmail.com>
Date: Mon, 2 Oct 2023 16:45:12 +0200
Subject: [PATCH] fix/allow single tenant app (#443)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Clément Sirieix <clementsirieix@clements-mbp.home>
---
 backend/chainlit/oauth_providers.py | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/backend/chainlit/oauth_providers.py b/backend/chainlit/oauth_providers.py
index 6554859a4c..e41890d6f3 100644
--- a/backend/chainlit/oauth_providers.py
+++ b/backend/chainlit/oauth_providers.py
@@ -145,7 +145,16 @@ class AzureADOAuthProvider(OAuthProvider):
         "OAUTH_AZURE_AD_CLIENT_SECRET",
         "OAUTH_AZURE_AD_TENANT_ID",
     ]
-    authorize_url = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
+    authorize_url = (
+        f"https://login.microsoftonline.com/{os.environ.get('OAUTH_AZURE_AD_TENANT_ID', '')}/oauth2/v2.0/authorize"
+        if os.environ.get("OAUTH_AZURE_AD_ENABLE_SINGLE_TENANT")
+        else "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
+    )
+    token_url = (
+        f"https://login.microsoftonline.com/{os.environ.get('OAUTH_AZURE_AD_TENANT_ID', '')}/oauth2/v2.0/token"
+        if os.environ.get("OAUTH_AZURE_AD_ENABLE_SINGLE_TENANT")
+        else "https://login.microsoftonline.com/common/oauth2/v2.0/token"
+    )
 
     def __init__(self):
         self.client_id = os.environ.get("OAUTH_AZURE_AD_CLIENT_ID")
@@ -169,7 +178,7 @@ async def get_token(self, code: str, url: str):
             trust_env=True, raise_for_status=True
         ) as session:
             async with session.post(
-                "https://login.microsoftonline.com/common/oauth2/v2.0/token",
+                self.token_url,
                 data=payload,
             ) as result:
                 json = await result.json()